Electronic mail (email) addresses are commonly provided by customers when interacting with a company's website. For example, customers often use their email address to serve as their login name, to receive an electronic receipt of a purchase, shipping updates, promotional materials and newsletter subscriptions. As is often the case, however, a customer's email address can fall into the hands of third party organizations that use it to deliver unsolicited email, or “spam”.
Internet service providers (ISPs), email service providers (ESPs), and email software companies are employing various strategies to restrict and/or filter incoming email with the aim of reducing the amount of spam received by recipients. A side effect of such strategies is that legitimate email is often discarded, blocked or incorrectly deposited in “bulk mail” folders. As such, some solutions which block and/or filter email enable recipients to specify specific email senders that are allowed to bypass these protections. Such lists of explicitly enabled senders are often called “whitelists”. Likewise, it is common to allow recipients to specify “blacklists”—lists of individual senders prohibited from sending email to the recipient. Email coming from blacklisted senders is automatically blocked, filtered, or restricted accordingly.
Manually maintaining whitelists and blacklists can represent a significant inconvenience on the recipient's part. Some systems require the recipient to separately open an application which manages their access lists and manually specify the sender's email address. Another approach requires that the recipient open the application which manages his or her access list and generate a special, unique tracking email address which circumvents the normal challenge/response mechanism. Some so-called “challenge/response” solutions put the burden of maintaining a recipient's whitelist on the senders themselves, by requiring previously unknown senders to authenticate themselves by responding to a “challenge” question designed to be only practically answerable by a human sender. Upon correctly answering the “challenge” question, the sender is deemed to be legitimate (by virtue of being a human sender rather than an automated system), and is added to the recipient's whitelist. However, this process will unwittingly filter out legitimate email that happens to have been sent by a mail program rather than by a person. From either the recipient's or the sender's perspective, a more convenient approach to managing email access lists is desired.